WebSVN – LeadersLinked - Antes de SPA – Diff – /module/LeadersLinked/src/Controller/AuthController.php

 <?php
 declare(strict_types=1);
+namespace LeadersLinked\Controller;
+use Nullix\CryptoJsAes\CryptoJsAes;
-namespace LeadersLinked\Controller;
+use GeoIp2\Database\Reader As GeoIp2Reader;
 use Laminas\Authentication\AuthenticationService;
 use Laminas\Authentication\Result as AuthResult;
 use Laminas\Db\Adapter\AdapterInterface;
 use Laminas\Cache\Storage\Adapter\AbstractAdapter;
 use Laminas\Http\Header\SetCookie;
 use Laminas\Mvc\Controller\AbstractActionController;
 use Laminas\Log\LoggerInterface;
-use Laminas\View\Model\ViewModel;
+use Laminas\View\Model\ViewModel;
 use Laminas\View\Model\JsonModel;
 use GeoIp2\Database\Reader As GeoIp2Reader;
 use LeadersLinked\Form\Auth\SigninForm;
 use LeadersLinked\Form\Auth\ResetPasswordForm;
-use LeadersLinked\Form\Auth\ForgotPasswordForm;
+use LeadersLinked\Form\Auth\ForgotPasswordForm;
 use LeadersLinked\Form\Auth\SignupForm;
 use LeadersLinked\Authentication\AuthAdapter;
+use LeadersLinked\Mapper\ConnectionMapper;
+use LeadersLinked\Mapper\EmailTemplateMapper;
+use LeadersLinked\Mapper\NetworkMapper;
 use LeadersLinked\Mapper\UserMapper;
 use LeadersLinked\Mapper\EmailTemplateMapper;
 use LeadersLinked\Model\User;
 use LeadersLinked\Model\UserType;
 use LeadersLinked\Library\QueueEmail;
 use LeadersLinked\Mapper\UserIpMapper;
 use LeadersLinked\Model\UserIp;
 use LeadersLinked\Form\Auth\MoodleForm;
 use LeadersLinked\Library\Rsa;
 use LeadersLinked\Library\Image;
+use LeadersLinked\Authentication\AuthAdapter;
 use LeadersLinked\Authentication\AuthEmailAdapter;
-use Nullix\CryptoJsAes\CryptoJsAes;
 use LeadersLinked\Model\UserPassword;
-use LeadersLinked\Mapper\ConnectionMapper;
 use LeadersLinked\Model\Connection;
+use LeadersLinked\Authentication\AuthImpersonateAdapter;
 class AuthController extends AbstractActionController
-        $request = $this->getRequest();
+        $request = $this->getRequest();
         if($request->isPost()) {
-        if($request->isPost()) {
+            $currentNetworkPlugin = $this->plugin('currentNetworkPlugin');
                 $email      = $dataPost['email'];
                 $password   = $dataPost['password'];
                 $remember   = $dataPost['remember'];
                 $authAdapter = new AuthAdapter($this->adapter, $this->logger);
-                $authAdapter->setData($email, $password);
+                $authAdapter->setData($email, $password, $currentNetwork->id);
                 $authService = new AuthenticationService();
+        }
+    }
     public function signoutAction()
     {
+        $currentUserPlugin = $this->plugin('currentUserPlugin');
+        $currentUser = $currentUserPlugin->getRawUser();
+        if($currentUserPlugin->hasImpersonate()) {
+            $userMapper = UserMapper::getInstance($this->adapter);
+            $userMapper->leaveImpersonate($currentUser->id);
+            $networkMapper = NetworkMapper::getInstance($this->adapter);
+            $network = $networkMapper->fetchOne($currentUser->network_id);
+            if(!$currentUser->one_time_password) {
+                $one_time_password = Functions::generatePassword(25);
+                $currentUser->one_time_password = $one_time_password;
+                $userMapper = UserMapper::getInstance($this->adapter);
+                $userMapper->updateOneTimePassword($currentUser, $one_time_password);
+            }
+            $sandbox = $this->config['leaderslinked.runmode.sandbox'];
+            if($sandbox) {
+                $salt = $this->config['leaderslinked.backend.sandbox_salt'];
+            } else {
+                $salt = $this->config['leaderslinked.backend.production_salt'];
+            }
+            $rand = 1000 + mt_rand(1, 999);
+            $timestamp = time();
+            $password = md5($currentUser->one_time_password . '-' . $rand . '-' . $timestamp . '-' . $salt);
+            $params = [
+                'user_uuid' => $currentUser->uuid,
+                'password' => $password,
+                'rand' => $rand,
+                'time' => $timestamp,
+            ];
+            $currentUserPlugin->clearIdentity();
+            $url = 'https://'. $network->main_hostname . '/signin/impersonate' . '?' . http_build_query($params);
+            return $this->redirect()->toUrl($url);
+        } else {
-        $currentUser = $this->plugin('currentUserPlugin');
-        if($currentUser->hasIdentity()) {
+            if($currentUserPlugin->hasIdentity()) {
+                $this->logger->info('Desconexión de LeadersLinked', ['user_id' => $currentUserPlugin->getUserId(), 'ip' => Functions::getUserIP()]);
+            }
+            $authService = new \Laminas\Authentication\AuthenticationService();
+            $authService->clearIdentity();
-            $this->logger->info('Desconexión de LeadersLinked', ['user_id' => $currentUser->getUserId(), 'ip' => Functions::getUserIP()]);
+            return $this->redirect()->toRoute('home');
-        }
-        $authService = new \Laminas\Authentication\AuthenticationService();
-        $authService->clearIdentity();
         return $this->redirect()->toRoute('home');
+    }
                     } else {
                         $password_reset_key = md5($user->email. time());
                         $userMapper->updatePasswordResetKey((int) $user->id, $password_reset_key);
                         $emailTemplateMapper = EmailTemplateMapper::getInstance($this->adapter);
-                        $emailTemplate = $emailTemplateMapper->fetchOne(EmailTemplate::ID_RESET_PASSWORD);
+                        $emailTemplate = $emailTemplateMapper->fetchOne(EmailTemplate::CODE_RESET_PASSWORD);
                         if($emailTemplate) {
                             $arrayCont = [
                                 'firstname'             => $user->first_name,
                                 'lastname'              => $user->last_name,
                         $userPasswordMapper = UserPasswordMapper::getInstance($this->adapter);
                         $userPasswordMapper->insert($userPassword);
                         $emailTemplateMapper = EmailTemplateMapper::getInstance($this->adapter);
-                        $emailTemplate = $emailTemplateMapper->fetchOne(EmailTemplate::ID_USER_REGISTER);
+                        $emailTemplate = $emailTemplateMapper->fetchOne(EmailTemplate::CODE_USER_REGISTER);
                         if($emailTemplate) {
                             $arrayCont = [
                                 'firstname'             => $user->first_name,
+        }
         return new JsonModel($data);
-    }
-    public function testAction()
-    {
-        $authAdapter = new AuthEmailAdapter($this->adapter);
-        $authAdapter->setData('santiago.olivera@leaderslinked.com');
-        $authService = new AuthenticationService();
-        $authService->setAdapter($authAdapter);
-        $result = $authService->authenticate();
-        if($result->getCode() == AuthResult::SUCCESS) {
-            return $this->redirect()->toRoute('dashboard');
-        } else {
-            return new JsonModel([
-               'success' => true,
-                'data' => $result->getMessages()[0]
-            ]);
-        }
+    }
     public function csrfAction()
+    {
             ]);
+        }
+    }
+    public function impersonateAction()
+    {
+        $currentUserPlugin = $this->plugin('currentUserPlugin');
+        $currentUser = $currentUserPlugin->getUser();
+        $request = $this->getRequest();
+        if($request->isGet()) {
+            $user_uuid  = filter_var($this->params()->fromQuery('user_uuid'), FILTER_SANITIZE_STRING);
+            $rand       = filter_var($this->params()->fromQuery('rand'), FILTER_SANITIZE_NUMBER_INT);
+            $timestamp  = filter_var($this->params()->fromQuery('time'), FILTER_SANITIZE_NUMBER_INT);
+            $password   = filter_var($this->params()->fromQuery('password'), FILTER_SANITIZE_STRING);
+            if(!$user_uuid || !$rand || !$timestamp || !$password ) {
+                throw new \Exception('ERROR_PARAMETERS_ARE_INVALID');
+            }
+            $currentUserPlugin->clearIdentity();
+            $authAdapter = new AuthImpersonateAdapter($this->adapter, $this->config);
+            $authAdapter->setDataAdmin($user_uuid, $password, $timestamp, $rand);
+            $authService = new AuthenticationService();
+            $result = $authService->authenticate($authAdapter);
+            if($result->getCode() == AuthResult::SUCCESS) {
+                return $this->redirect()->toRoute('dashboard');
+            } else {
+                throw new \Exception($result->getMessages()[0]);
+            }
+        }
+        return new JsonModel([
+            'success' => false,
+            'data' => 'ERROR_METHOD_NOT_ALLOWED'
         ]);

Proyectos de Subversion LeadersLinked - Antes de SPA

(root)/module/LeadersLinked/src/Controller/AuthController.php – Rev 3364 → 3639